{ pkgs, lib, ... }:

  imports = [ ./overlay.nix ];

  system.stateVersion = 5;

  users.users.emile = {
    name = "emile";
    home = "/Users/emile";

  users.users.hydra = {
    name = "hydra";
    home = "/Users/hydra";

  # macos sonoma claimed 300, 301, 302, 303 and 304

  # users.groups."nixbld".name = "nixbld";
  # users.users."_nixbld1" = {
  #   name = "_nixbld1";
  # };

  # users.users."_nixbld1".uid = 305;
  # users.users."_nixbld2".uid = 306;
  # users.users."_nixbld3".uid = 307;
  # users.users."_nixbld4".uid = 308;
  # users.users."_nixbld5".uid = 309;

  nix = {
    useDaemon = true;
    # package = pkgs.nixFlakes;
    extraOptions =
    		builders-use-substitutes = true
        auto-optimise-store = true
      + lib.optionalString (pkgs.system == "aarch64-darwin") ''
        extra-platforms = x86_64-darwin aarch64-darwin

    settings = {
      trusted-users = [

      trusted-public-keys = [
        # "nix-cache.emile.space:3xzJknXMsR/EL3SBTu6V6oCOkjxe6MgJm0nOrElW33A="
      substituters = [
        # nix-cache mirror for when in china
        # status: https://mirror.sjtu.edu.cn/
        # "https://mirror.sjtu.edu.cn/nix-channels/store"

        # "https://nix-cache.emile.space"

        # status: https://mirrors.ustc.edu.cn/status/
        # "https://mirrors.ustc.edu.cn/nix-channels/store"


      experimental-features = [

      # don't use the globally defined flakes, as pulling from github for each shell invocation
      # is slow
      flake-registry = "";

    distributedBuilds = true;

    buildMachines = [
        hostName = "corrino.emile.space";
        system = "x86_64-linux";
        maxJobs = 16;
        speedFactor = 2;

        # Feature	      | Derivations requiring it
        # ----------------|-----------------------------------------------------
        # kvm	            | Everything which builds inside a vm, like NixOS tests
        # nixos-test	    | Machine can run NixOS tests
        # big-parallel    | kernel config, libreoffice, evolution, llvm and chromium.
        # benchmark	      | Machine can generate metrics (Means the builds usually
        #                 | takes the same amount of time)

        # cat /etc/nix/machines
        # root@corrino  x86_64-linux      /home/nix/.ssh/id_ed25519        8 1     kvm,benchmark

        supportedFeatures = [
        mandatoryFeatures = [ ];

  nixpkgs = {
    config.allowUnfree = true;

  services.nix-daemon.enable = true;

  # <3
  security.pam.enableSudoTouchIdAuth = true;

  environment = {
    systemPackages = [ ]; # set via home-manager
    shells = with pkgs; [
